"Cisco gate" and "Meet the Fed" at Defcon....

• Previous message (by thread): More info on the Exploit from Black Hat conference
• Next message (by thread): "Cisco gate" and "Meet the Fed" at Defcon....
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, 31 Jul 2005, Fergie (Paul Ferguson) wrote:
> No one ever said the Internet wasn't chock full of contradictions.
> One one hand, we have what some are now calling "Cisco gate":
> http://news.com.com/Hackers+rally+behind+Cisco+flaw+finder/2100-1002_3-5812044.html

<quote>Alder then blasted Cisco for going after Lynn.
"Cisco, you are really screwing up," she said, followed by a round of 
applause. "Suing researchers is not going to make you secure. Alienating 
the security community is not going to encourage people to come to you and 
report problems and work with you."</quote>

Agreed 100%.

Cisco, are you listening?

By this misbehavior you are seriously discouraging researchers from 
releasing info to you. They will suspect you'll sit on the exploit for 
months and not tell anyone (as you did with this one). They'll be afraid 
you'll try to kill the messenger (as you did with this one).

Instead, they're just going to release exploits into the wild anonymously. 
Is this what you want? Then keep it up.

-Dan

• Previous message (by thread): More info on the Exploit from Black Hat conference
• Next message (by thread): "Cisco gate" and "Meet the Fed" at Defcon....
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]